Re: preappoval request for avahi t-p-u upload
Michael Biebl wrote:
> Hi release team,
>
> I already asked for an unblock for avahi 0.6.23-2 some time ago [1].
> The debdiff between 0.6.22-3 and 0.6.23-2 has already reviewed and the only
> major complaint then was, that during an upgrade, the sysv init script update
> procedure re-enabled a disabled service [2]. It tried to address that in
> 0.6.23-4. The other changes, from what I remember, where considered ok.
>
> So what remains to review, is the changes between 0.6.23-2 and 0.6.23-4, one of
> them containing a security fix (CVE-2008-5081) which would be good to have in
> lenny.
>
>
>
> The changelog is:
>
>
> avahi (0.6.23-4) unstable; urgency=low
>
> * debian/avahi-{daemon,dnsconfd}.postinst
> - When upgrading the init script priorities, check if the service is
> enabled for the default runlevel before removing the old init script
> symlinks to avoid accidentally re-enabling it. (Closes: #499815)
>
> -- Michael Biebl <biebl@debian.org> Wed, 14 Jan 2009 23:22:59 +0100
>
> avahi (0.6.23-3) unstable; urgency=low
>
> [ Loic Minier ]
> * Generate a POT file during build; helps downstreams such as Ubuntu import
> an always up-to-date pot, even we patch the source of upstream forgets to
> do so; from Ubuntu; thanks Martin Pitt; closes: #486908.
>
> [ Michael Biebl ]
> * debian/avahi-daemon-check-dns.sh
> - Fix quoting error in dns_has_local().
> Thanks to James Westby for the patch. (Closes: #492466)
>
> [ Sjoerd Simons ]
> * debian/patches/14_CVE-2008-5081.patch
> - Added. Don't abort on receiving an UDP packet with a source port of zero.
> Fixes CVE-2008-5081 (Closes: #508700)
>
> -- Sjoerd Simons <sjoerd@debian.org> Sun, 14 Dec 2008 19:39:58 +0000
>
>
> The complete debdiff between 0.6.23-2 and 0.6.23-4 is attached.
>
> Only problem is, that libdaemon, on of the build-deps, has bumped shlibs in
> unstable.
>
> So if the release team acks this changes, I'd re-upload -4 as -3lenny1 with
> target testing-proposed-updates to t-p-u. I hope this is the correct approach.
> If not, please advice.
Ok, please upload.
Cheers
Luk
Reply to: